<?php

/*
  [UCenter] (C)2001-2099 Comsenz Inc.
  This is NOT a freeware, use is subject to license terms

  $Id: base.php 1167 2014-11-03 03:06:21Z hypowang $
 */
!defined('IN_UC') && exit('Access Denied');

class base
{

    var $sid;
    var $time;
    var $onlineip;
    var $db;
    var $view;
    var $user = array();
    var $settings = array();
    var $cache = array();
    var $app = array();
    var $lang = array();
    var $input = array();

    function __construct()
    {
        $this->base();
    }

    function base()
    {
        $this->init_var();
        $this->init_db();
        $this->init_cache();
        $this->init_app();
        $this->init_user();
        $this->init_template();
        $this->init_note();
        $this->init_mail();
    }

    function init_var()
    {
        $this->time = time();
        $cip = getenv('HTTP_CLIENT_IP');
        $xip = getenv('HTTP_X_FORWARDED_FOR');
        $rip = getenv('REMOTE_ADDR');
        $srip = $_SERVER['REMOTE_ADDR'];
        if ($cip && strcasecmp($cip, 'unknown'))
        {
            $this->onlineip = $cip;
        }
        elseif ($xip && strcasecmp($xip, 'unknown'))
        {
            $this->onlineip = $xip;
        }
        elseif ($rip && strcasecmp($rip, 'unknown'))
        {
            $this->onlineip = $rip;
        }
        elseif ($srip && strcasecmp($srip, 'unknown'))
        {
            $this->onlineip = $srip;
        }
        preg_match("/[\d\.]{7,15}/", $this->onlineip, $match);
        $this->onlineip = $match[0] ? $match[0] : 'unknown';

        define('FORMHASH', $this->formhash());
        $_GET['page'] = max(1, intval(getgpc('page')));

        include_once UC_ROOT . './view/default/main.lang.php';
        $this->lang = &$lang;
    }

    function init_cache()
    {
        $this->settings = $this->cache('settings');
        $this->cache['apps'] = $this->cache('apps');
        if (PHP_VERSION > '5.1')
        {
            $timeoffset = intval($this->settings['timeoffset'] / 3600);
            @date_default_timezone_set('Etc/GMT' . ($timeoffset > 0 ? '-' : '+') . (abs($timeoffset)));
        }
    }

    function init_input($getagent = '')
    {
        $input = getgpc('input', 'R');
        if ($input)
        {
            $input = $this->authcode($input, 'DECODE', $this->app['authkey']);
            parse_str($input, $this->input);
            $this->input = daddslashes($this->input, 1, TRUE);
            $agent = $getagent ? $getagent : $this->input['agent'];

            if (($getagent && $getagent != $this->input['agent']) || (!$getagent && md5($_SERVER['HTTP_USER_AGENT']) != $agent))
            {
                exit('Access denied for agent changed');
            }
            elseif ($this->time - $this->input('time') > 3600)
            {
                exit('Authorization has expired');
            }
        }
        if (empty($this->input))
        {
            exit('Invalid input');
        }
    }

    function init_db()
    {
        if (function_exists("mysqli_connect"))
        {
            require_once UC_ROOT . 'lib/dbi.class.php';
        }
        else
        {
            require_once UC_ROOT . 'lib/db.class.php';
        }
        $this->db = new ucserver_db();
        $this->db->connect(UC_DBHOST, UC_DBUSER, UC_DBPW, UC_DBNAME, UC_DBCHARSET, UC_DBCONNECT, UC_DBTABLEPRE);
    }

    function init_app()
    {
        $appid = intval(getgpc('appid'));
        $appid && $this->app = $this->cache['apps'][$appid];
    }

    function init_user()
    {
        if (isset($_COOKIE['uc_auth']))
        {
            @list($uid, $username, $agent) = explode('|', $this->authcode($_COOKIE['uc_auth'], 'DECODE', ($this->input ? $this->app['appauthkey'] : UC_KEY)));
            if ($agent != md5($_SERVER['HTTP_USER_AGENT']))
            {
                $this->setcookie('uc_auth', '');
            }
            else
            {
                @$this->user['uid'] = $uid;
                @$this->user['username'] = $username;
            }
        }
    }

    function init_template()
    {
        $charset = UC_CHARSET;
        require_once UC_ROOT . 'lib/template.class.php';
        $this->view = new template();
        $this->view->assign('dbhistories', $this->db->histories);
        $this->view->assign('charset', $charset);
        $this->view->assign('dbquerynum', $this->db->querynum);
        $this->view->assign('user', $this->user);
    }

    function init_note()
    {
        if ($this->note_exists() && !getgpc('inajax'))
        {
            $this->load('note');
            $_ENV['note']->send();
        }
    }

    function init_mail()
    {
        if ($this->mail_exists() && !getgpc('inajax'))
        {
            $this->load('mail');
            $_ENV['mail']->send();
        }
    }

    function authcode($string, $operation = 'DECODE', $key = '', $expiry = 0)
    {

        $ckey_length = 4;

        $key = md5($key ? $key : UC_KEY);
        $keya = md5(substr($key, 0, 16));
        $keyb = md5(substr($key, 16, 16));
        $keyc = $ckey_length ? ($operation == 'DECODE' ? substr($string, 0, $ckey_length) : substr(md5(microtime()), -$ckey_length)) : '';

        $cryptkey = $keya . md5($keya . $keyc);
        $key_length = strlen($cryptkey);

        $string = $operation == 'DECODE' ? base64_decode(substr($string, $ckey_length)) : sprintf('%010d', $expiry ? $expiry + time() : 0) . substr(md5($string . $keyb), 0, 16) . $string;
        $string_length = strlen($string);

        $result = '';
        $box = range(0, 255);

        $rndkey = array();
        for ($i = 0; $i <= 255; $i++)
        {
            $rndkey[$i] = ord($cryptkey[$i % $key_length]);
        }

        for ($j = $i = 0; $i < 256; $i++)
        {
            $j = ($j + $box[$i] + $rndkey[$i]) % 256;
            $tmp = $box[$i];
            $box[$i] = $box[$j];
            $box[$j] = $tmp;
        }

        for ($a = $j = $i = 0; $i < $string_length; $i++)
        {
            $a = ($a + 1) % 256;
            $j = ($j + $box[$a]) % 256;
            $tmp = $box[$a];
            $box[$a] = $box[$j];
            $box[$j] = $tmp;
            $result .= chr(ord($string[$i]) ^ ($box[($box[$a] + $box[$j]) % 256]));
        }

        if ($operation == 'DECODE')
        {
            if ((substr($result, 0, 10) == 0 || substr($result, 0, 10) - time() > 0) && substr($result, 10, 16) == substr(md5(substr($result, 26) . $keyb), 0, 16))
            {
                return substr($result, 26);
            }
            else
            {
                return '';
            }
        }
        else
        {
            return $keyc . str_replace('=', '', base64_encode($result));
        }
    }

    function page($num, $perpage, $curpage, $mpurl)
    {
        $multipage = '';
        $mpurl .= strpos($mpurl, '?') ? '&' : '?';
        if ($num > $perpage)
        {
            $page = 10;
            $offset = 2;

            $pages = @ceil($num / $perpage);

            if ($page > $pages)
            {
                $from = 1;
                $to = $pages;
            }
            else
            {
                $from = $curpage - $offset;
                $to = $from + $page - 1;
                if ($from < 1)
                {
                    $to = $curpage + 1 - $from;
                    $from = 1;
                    if ($to - $from < $page)
                    {
                        $to = $page;
                    }
                }
                elseif ($to > $pages)
                {
                    $from = $pages - $page + 1;
                    $to = $pages;
                }
            }

            $multipage = ($curpage - $offset > 1 && $pages > $page ? '<a href="' . $mpurl . 'page=1" class="first"' . $ajaxtarget . '>1 ...</a>' : '') .
                    ($curpage > 1 && !$simple ? '<a href="' . $mpurl . 'page=' . ($curpage - 1) . '" class="prev"' . $ajaxtarget . '>&lsaquo;&lsaquo;</a>' : '');
            for ($i = $from; $i <= $to; $i++)
            {
                $multipage .= $i == $curpage ? '<strong>' . $i . '</strong>' :
                        '<a href="' . $mpurl . 'page=' . $i . ($ajaxtarget && $i == $pages && $autogoto ? '#' : '') . '"' . $ajaxtarget . '>' . $i . '</a>';
            }

            $multipage .= ($curpage < $pages && !$simple ? '<a href="' . $mpurl . 'page=' . ($curpage + 1) . '" class="next"' . $ajaxtarget . '>&rsaquo;&rsaquo;</a>' : '') .
                    ($to < $pages ? '<a href="' . $mpurl . 'page=' . $pages . '" class="last"' . $ajaxtarget . '>... ' . $realpages . '</a>' : '') .
                    (!$simple && $pages > $page && !$ajaxtarget ? '<kbd><input type="text" name="custompage" size="3" onkeydown="if(event.keyCode==13) {window.location=\'' . $mpurl . 'page=\'+this.value; return false;}" /></kbd>' : '');

            $multipage = $multipage ? '<div class="pages">' . (!$simple ? '<em>&nbsp;' . $num . '&nbsp;</em>' : '') . $multipage . '</div>' : '';
        }
        return $multipage;
    }

    function page_get_start($page, $ppp, $totalnum)
    {
        $totalpage = ceil($totalnum / $ppp);
        $page = max(1, min($totalpage, intval($page)));
        return ($page - 1) * $ppp;
    }

    function load($model, $base = NULL, $release = '')
    {
        $base = $base ? $base : $this;
        if (empty($_ENV[$model]))
        {
            $release = !$release ? RELEASE_ROOT : $release;
            if (file_exists(UC_ROOT . $release . "model/$model.php"))
            {
                require_once UC_ROOT . $release . "model/$model.php";
            }
            else
            {
                require_once UC_ROOT . "model/$model.php";
            }
            eval('$_ENV[$model] = new ' . $model . 'model($base);');
        }
        return $_ENV[$model];
    }

    function get_setting($k = array(), $decode = FALSE)
    {
        $return = array();
        $sqladd = $k ? "WHERE k IN (" . $this->implode($k) . ")" : '';
        $settings = $this->db->fetch_all("SELECT * FROM " . UC_DBTABLEPRE . "settings $sqladd");
        if (is_array($settings))
        {
            foreach ($settings as $arr)
            {
                $return[$arr['k']] = $decode ? unserialize($arr['v']) : $arr['v'];
            }
        }
        return $return;
    }

    function set_setting($k, $v, $encode = FALSE)
    {
        $v = is_array($v) || $encode ? addslashes(serialize($v)) : $v;
        $this->db->query("REPLACE INTO " . UC_DBTABLEPRE . "settings SET k='$k', v='$v'");
    }

    function message($message, $redirect = '', $type = 0, $vars = array())
    {
        include_once UC_ROOT . 'view/default/messages.lang.php';
        if (isset($lang[$message]))
        {
            $message = $lang[$message] ? str_replace(array_keys($vars), array_values($vars), $lang[$message]) : $message;
        }
        $this->view->assign('message', $message);
        if (!strpos($redirect, 'sid=') && (!strpos($redirect, 'ttp://')))
        {
            if (!strpos($redirect, '?'))
            {
                $redirect .= '?sid=' . $this->sid;
            }
            else
            {
                $redirect .= '&sid=' . $this->sid;
            }
        }
        $this->view->assign('redirect', $redirect);
        if ($type == 0)
        {
            $this->view->display('message');
        }
        elseif ($type == 1)
        {
            $this->view->display('message_client');
        }
        exit;
    }

    function formhash()
    {
        return substr(md5(substr($this->time, 0, -4) . UC_KEY), 16);
    }

    function submitcheck()
    {
        return @getgpc('formhash', 'P') == FORMHASH ? true : false;
    }

    function date($time, $type = 3)
    {
        $format[] = $type & 2 ? (!empty($this->settings['dateformat']) ? $this->settings['dateformat'] : 'Y-n-j') : '';
        $format[] = $type & 1 ? (!empty($this->settings['timeformat']) ? $this->settings['timeformat'] : 'H:i') : '';
        return gmdate(implode(' ', $format), $time + $this->settings['timeoffset']);
    }

    function implode($arr)
    {
        return "'" . implode("','", (array) $arr) . "'";
    }

    function set_home($uid, $dir = '.')
    {
        $uid = sprintf("%09d", $uid);
        $dir1 = substr($uid, 0, 3);
        $dir2 = substr($uid, 3, 2);
        $dir3 = substr($uid, 5, 2);
        !is_dir($dir . '/' . $dir1) && mkdir($dir . '/' . $dir1, 0777);
        !is_dir($dir . '/' . $dir1 . '/' . $dir2) && mkdir($dir . '/' . $dir1 . '/' . $dir2, 0777);
        !is_dir($dir . '/' . $dir1 . '/' . $dir2 . '/' . $dir3) && mkdir($dir . '/' . $dir1 . '/' . $dir2 . '/' . $dir3, 0777);
    }

    function get_home($uid)
    {
        $uid = sprintf("%09d", $uid);
        $dir1 = substr($uid, 0, 3);
        $dir2 = substr($uid, 3, 2);
        $dir3 = substr($uid, 5, 2);
        return $dir1 . '/' . $dir2 . '/' . $dir3;
    }

    function get_avatar($uid, $size = 'big', $type = '')
    {
        $size = in_array($size, array('big', 'middle', 'small')) ? $size : 'big';
        $uid = abs(intval($uid));
        $uid = sprintf("%09d", $uid);
        $dir1 = substr($uid, 0, 3);
        $dir2 = substr($uid, 3, 2);
        $dir3 = substr($uid, 5, 2);
        $typeadd = $type == 'real' ? '_real' : '';
        return $dir1 . '/' . $dir2 . '/' . $dir3 . '/' . substr($uid, -2) . $typeadd . "_avatar_$size.jpg";
    }

    function &cache($cachefile)
    {
        static $_CACHE = array();
        if (!isset($_CACHE[$cachefile]))
        {
            $cachepath = UC_DATADIR . './cache/' . $cachefile . '.php';
            if (!file_exists($cachepath))
            {
                $this->load('cache');
                $_ENV['cache']->updatedata($cachefile);
            }
            else
            {
                include_once $cachepath;
            }
        }
        return $_CACHE[$cachefile];
    }

    function input($k)
    {
        return isset($this->input[$k]) ? (is_array($this->input[$k]) ? $this->input[$k] : trim($this->input[$k])) : NULL;
    }

    function serialize($s, $htmlon = 0)
    {
        if (file_exists(UC_ROOT . RELEASE_ROOT . './lib/xml.class.php'))
        {
            include_once UC_ROOT . RELEASE_ROOT . './lib/xml.class.php';
        }
        else
        {
            include_once UC_ROOT . './lib/xml.class.php';
        }

        return xml_serialize($s, $htmlon);
    }

    function unserialize($s)
    {
        if (file_exists(UC_ROOT . RELEASE_ROOT . './lib/xml.class.php'))
        {
            include_once UC_ROOT . RELEASE_ROOT . './lib/xml.class.php';
        }
        else
        {
            include_once UC_ROOT . './lib/xml.class.php';
        }

        return @xml_unserialize($s);
    }

    function cutstr($string, $length, $dot = ' ...')
    {
        if (strlen($string) <= $length)
        {
            return $string;
        }

        $string = str_replace(array('&amp;', '&quot;', '&lt;', '&gt;'), array('&', '"', '<', '>'), $string);

        $strcut = '';
        if (strtolower(UC_CHARSET) == 'utf-8')
        {

            $n = $tn = $noc = 0;
            while ($n < strlen($string))
            {

                $t = ord($string[$n]);
                if ($t == 9 || $t == 10 || (32 <= $t && $t <= 126))
                {
                    $tn = 1;
                    $n++;
                    $noc++;
                }
                elseif (194 <= $t && $t <= 223)
                {
                    $tn = 2;
                    $n += 2;
                    $noc += 2;
                }
                elseif (224 <= $t && $t < 239)
                {
                    $tn = 3;
                    $n += 3;
                    $noc += 2;
                }
                elseif (240 <= $t && $t <= 247)
                {
                    $tn = 4;
                    $n += 4;
                    $noc += 2;
                }
                elseif (248 <= $t && $t <= 251)
                {
                    $tn = 5;
                    $n += 5;
                    $noc += 2;
                }
                elseif ($t == 252 || $t == 253)
                {
                    $tn = 6;
                    $n += 6;
                    $noc += 2;
                }
                else
                {
                    $n++;
                }

                if ($noc >= $length)
                {
                    break;
                }
            }
            if ($noc > $length)
            {
                $n -= $tn;
            }

            $strcut = substr($string, 0, $n);
        }
        else
        {
            for ($i = 0; $i < $length; $i++)
            {
                $strcut .= ord($string[$i]) > 127 ? $string[$i] . $string[++$i] : $string[$i];
            }
        }

        $strcut = str_replace(array('&', '"', '<', '>'), array('&amp;', '&quot;', '&lt;', '&gt;'), $strcut);

        return $strcut . $dot;
    }

    function setcookie($key, $value, $life = 0, $httponly = false)
    {
        (!defined('UC_COOKIEPATH')) && define('UC_COOKIEPATH', '/');
        (!defined('UC_COOKIEDOMAIN')) && define('UC_COOKIEDOMAIN', '');

        if ($value == '' || $life < 0)
        {
            $value = '';
            $life = -1;
        }

        $life = $life > 0 ? $this->time + $life : ($life < 0 ? $this->time - 31536000 : 0);
        $path = $httponly && PHP_VERSION < '5.2.0' ? UC_COOKIEPATH . "; HttpOnly" : UC_COOKIEPATH;
        $secure = $_SERVER['SERVER_PORT'] == 443 ? 1 : 0;
        if (PHP_VERSION < '5.2.0')
        {
            setcookie($key, $value, $life, $path, UC_COOKIEDOMAIN, $secure);
        }
        else
        {
            setcookie($key, $value, $life, $path, UC_COOKIEDOMAIN, $secure, $httponly);
        }
    }

    function note_exists()
    {
        $noteexists = $this->db->result_first("SELECT value FROM " . UC_DBTABLEPRE . "vars WHERE name='noteexists'");
        if (empty($noteexists))
        {
            return FALSE;
        }
        else
        {
            return TRUE;
        }
    }

    function mail_exists()
    {
        $mailexists = $this->db->result_first("SELECT value FROM " . UC_DBTABLEPRE . "vars WHERE name='mailexists'");
        if (empty($mailexists))
        {
            return FALSE;
        }
        else
        {
            return TRUE;
        }
    }

    function dstripslashes($string)
    {
        if (is_array($string))
        {
            foreach ($string as $key => $val)
            {
                $string[$key] = $this->dstripslashes($val);
            }
        }
        else
        {
            $string = stripslashes($string);
        }
        return $string;
    }

}
